How much data security is right for your datacenter?

How much data security is right for your datacenter?

Summary: Every vendor providing services to the datacenter seems to be providing their own form of data security. What does IT need to do to get control of the end-to-end security model?

SHARE:

Data security is an ongoing concern for IT and one that is currently getting a lot of attention as cloud service providers offer applications that move data firmly out of the control of internal IT departments, at some point in the information lifecycle. The issue isn't just cloud related but it is beginning to become one of knowing where your data is and assuring that it is properly secured.

If I had to identify one technology for securing data that seems to be getting the most attention from vendors right now, it would be some form of encryption on the fly. The idea seems to draw its attraction from the apparent transparency of the technique, with data being processed in the same workflow that has already been established, but with an added layer, that is ideally unnoticeable to the consumers of the data, that adds the security of data encryption.

This data protection is appearing in various forms, from software components of cloud applications that do the data encryption/decryption to customer data as it moves to and from the cloud service, to low-lever hardware implementations in Intel's Xeon 5600 processors that use Intel AES-NI (Intel Advanced Encryption Standard - New Instructions) to do specialized encryption processing using features of the CPU.

Plus, of course, there are a range of dedicated appliances that sit on your network and encrypt the traffic that IT has decided merits this layer of security. These appliances sit in between the network and its connections that go to the outside world (or even othr network segments) and control the security of the data that passes through them

The question now becomes "What security model will work best for my datacenter?" If every service vendor is providing their own encryption, if applications what to handle their own encryption, and corporate pressure insists that internal capabilities be providing encryption, how do you make it all work together?  That's the question I'm currently looking to answer.

Topics: Security, Data Centers, Hardware, Intel, Networking, Storage

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • RE: How much data security is right for your datacenter?

    The book I.T. WARS has the answers. Check out the author's blog - Google to: The Business-Technology Weave - for lots of great free reading. We use parts of the book, by the way, for new employee orientation. Great stuff.
    janice33rpm
    • RE: How much data security is right for your datacenter?

      @janice33rpm <br>Actually this topic difficult to portray a webmaster regarding the security of customer data. In most cases security is oversized extamente to avoid problems which may endear the project. I think there should be a specialized area of data security to support these professionals.<br> <a href="http://www.brindesmonarch.com.br">Monarch Brindes</a> <a href="http://www.asacompanhantes.com.br">Acompanhantes famosas</a> <a href="http://www.etil.com.br">Etil equipamentos iluminacao</a>
      Marcossp
  • RE: How much data security is right for your datacenter?

    FEITIAN Technologies Co Ltd., announces FIPS COS Algorithm Validation by CAVP

    Beijing, China, October 8th 2010/ FEITIAN Technologies Co Ltd., (www.ftsafe.com), a leading software security company specializing in authentication products, today announces FIPS COS Algorithm Validation by CAVP.

    FIPS certification is considered the standard for certification of cryptographic module devices internationally and FEITIAN is in the process of obtaining FIPS 140-2. The process of obtaining FIPS requires first that the algorithms are certified followed by CAPV (Cryptographic Algorithm Validation Program) then the device itself. FEITIAN will soon launch their FIPS certified model in the first quarter of 2011.

    FEITIAN being granted FIPS COS Algorithm Validation by CAVP points toward the direction FIETIAN is moving, becoming a leading international player in the PKI technology market. As FEITIAN?s ePass series of PKI tokens expand globally the need for more certification becomes important to meet local regulations. By meeting these standards FEITIAN has proved they are one of the top PKI providers of high technology products worldwide. More information about FEITIANS validation can be found at http://csrc.nist.gov/groups/STM/cavp/validation.html.

    In the past years FEITIAN has provided authentication and information security products that have been used by millions of users worldwide. Through years of experience in the worldwide market they have developed cutting edge products that are now in demand in industries across the globe.

    Moving to FIPS standardization allows FEITIAN to enter new industries that have requested ePass PKI tokens in the past but needed FIPS standardization based on local regulations. Banking and finance institutions worldwide are looking to implement this technology and now they will be able to use FEITIAN products by meeting regulations.

    Currently in the Chinese market FEITIAN is the major player controlling a large market share for strong authentication devices. Banking organizations have chosen to use FEITIAN?s ePass series and OTP Cseries for online banking and transactions across the country.

    FIPS COS Algorithm Validation by CAVP certifies that FEITIAN?s product has successfully passed the first stage of FIPS certification. In the very near future FEITIAN will be announcing their new FIPS certified ePass2003 model that will be competitively prices to enter the market. The ePass2003 model is expected to take a large market share internationally due to the high quality unit and competitive pricing policy that has been implemented.


    ?FIPS COS Algorithm Validation by CAVP moves us in the right direction. Many international organizations have showed great interest in our PKI technology but are regulated to comply with FIPS certification. Our ePass2003 model will comply not only with the regulations enforced abroad but also provide a top of the line market leading technology to cover their needs in all industries? Said FEITIAN?s International Department Director Yang Liu during the press release.
    For more information about FEITIAN?s ePass PKI token series please refer to www.ftsafe.com.

    About FEITIAN
    FEITIAN is a leading supplier of strong authentication, PKI technology and e-signature. Established in 1998 FEITIAN has quickly become a world leader in strong authentication solutions and products. FEITIAN is dedicated to being the leading innovator and developer of smartcard and chip operating system based security technologies and applications. FEITIAN has expanded quickly becoming a global leader in strong authentication and information security serving customers globally. For more information about FEITIAN please visit www.ftsafe.com.

    For more information contact itd@ftsafe.com
    steve.zh
  • RE: How much data security is right for your datacenter?

    the much as possible!
    <a href="http://www.acompanhantessaopaulo.com.br/">acompanhantes sp</a>
    <a href="http://www.acompanhantessaopaulo.com.br/garotas-de-programa-sp">garotas de programa sp</a>
    weblaranja